I was looking through my logs today at all of the weird connection
attempts and I got to thinking.
Right now, I have a daemon which bans things which attempt to log into
my system too many times. That's fine, but it doesn't really do much.
I am thinking that I might ban *anything* for 30 days which attempts to
connect to any port on which I don't have anything running.
Is there any reason *not* to do this? We're not talking about a
development machine; this is just my mail server.
-a
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
